diff --git a/coreutils-6.9-requiresecuritycontext.patch b/coreutils-6.9-requiresecuritycontext.patch
new file mode 100644
index 0000000..175a6ab
--- /dev/null
+++ b/coreutils-6.9-requiresecuritycontext.patch
@@ -0,0 +1,160 @@
+diff -ur coreutils-6.9-orig/src/install.c coreutils-6.9/src/install.c
+--- a/src/install.c 2007-10-30 12:34:07.000000000 +0100
++++ b/src/install.c 2007-10-30 15:41:15.000000000 +0100
+@@ -174,6 +174,7 @@
+ x->preserve_mode = false;
+ x->preserve_timestamps = false;
+ x->require_preserve = false;
++ x->require_preserve_context = false;
+ x->recursive = false;
+ x->sparse_mode = SPARSE_AUTO;
+ x->symbolic_link = false;
+diff -ur coreutils-6.9-orig/src/mv.c coreutils-6.9/src/mv.c
+--- a/src/mv.c 2007-10-30 12:34:07.000000000 +0100
++++ b/src/mv.c 2007-10-30 15:34:37.000000000 +0100
+@@ -131,6 +131,7 @@
+ x->preserve_timestamps = true;
+ x->preserve_security_context = selinux_enabled;
+ x->require_preserve = false; /* FIXME: maybe make this an option */
++ x->require_preserve_context = false;
+ x->recursive = true;
+ x->sparse_mode = SPARSE_AUTO; /* FIXME: maybe make this an option */
+ x->symbolic_link = false;
+diff -ur coreutils-6.9-orig/src/copy.c coreutils-6.9/src/copy.c
+--- coreutils-6.9-orig/src/copy.c 2007-10-30 12:34:07.000000000 +0100
++++ coreutils-6.9/src/copy.c 2007-10-30 16:01:22.000000000 +0100
+@@ -306,25 +307,33 @@
+ if (! *new_dst)
+ {
+ dest_desc = open (dst_name, O_WRONLY | O_TRUNC | O_BINARY);
+
+ #ifdef WITH_SELINUX
+- if (dest_desc >= 0 && selinux_enabled &&
+- (x->preserve_security_context || x->set_security_context))
++ if (x->preserve_security_context && 0 <= dest_desc)
+ {
+- security_context_t con;
+- if(getfscreatecon(&con) == -1)
++ security_context_t con = NULL;
++ if(getfscreatecon(&con) < 0)
+ {
+- return_val = false;
+- goto close_src_desc;
++ if (x->require_preserve_context)
++ {
++ error(0, errno, _("failed to get file system create context"));
++ return_val = false;
++ goto close_src_desc;
++ }
+ }
+
+ if (con)
+ {
+- if(fsetfilecon(dest_desc, con) == -1)
++ if(fsetfilecon(dest_desc, con) < 0)
+ {
+- return_val = false;
+- freecon(con);
+- goto close_src_desc;
++ if (x->require_preserve_context)
++ {
++ error(0, errno, _("failed to set security context of %s to %s"),
++ quote_n (0, dst_name), quote_n(1, con));
++ return_val = false;
++ freecon(con);
++ goto close_src_desc;
++ }
+ }
+ freecon(con);
+ }
+@@ -1577,10 +1587,10 @@
+ {
+ if (setfscreatecon(con) < 0)
+ {
+- error (0, errno, _("cannot set setfscreatecon %s"), quote (con));
+- if (x->require_preserve) {
+- freecon(con);
+- return 1;
++ error (0, errno, _("cannot set default file creation context to %s"), quote (con));
++ if (x->require_preserve_context) {
++ freecon(con);
++ return false;
+ }
+ }
+ freecon(con);
+@@ -1588,7 +1598,8 @@
+ else {
+ if (( errno != ENOTSUP ) && ( errno != ENODATA )) {
+ error (0, errno, _("cannot lgetfilecon %s"), quote (src_name));
+- return 1;
++ if (x->require_preserve_context)
++ return false;
+ }
+ }
+ }
+diff -ur coreutils-6.9-orig/src/copy.h coreutils-6.9/src/copy.h
+--- coreutils-6.9-orig/src/copy.h 2007-10-30 12:34:07.000000000 +0100
++++ coreutils-6.9/src/copy.h 2007-10-30 15:52:59.000000000 +0100
+@@ -150,6 +150,18 @@
+ it be zero. */
+ bool require_preserve;
+
++ /* Useful only when preserve_security_context is true.
++ If true, a failed attempt to preserve a file's security context
++ propagates failure "out" to the caller. If false, a failure to
++ preserve a file's security context does not change the invoking
++ application's exit status. Give diagnostics for failed syscalls
++ regardless of this setting. For example, with "cp --preserve=context"
++ this flag is "true", while with "cp -a", it is false. That means
++ "cp -a" attempts to preserve any security context, but does not
++ fail if it is unable to do so. */
++ bool require_preserve_context;
++
++
+ /* If true, copy directories recursively and copy special files
+ as themselves rather than copying their contents. */
+ bool recursive;
+diff -ur coreutils-6.9-orig/src/cp.c coreutils-6.9/src/cp.c
+--- coreutils-6.9-orig/src/cp.c 2007-10-30 12:42:13.000000000 +0100
++++ coreutils-6.9/src/cp.c 2007-10-30 16:00:33.000000000 +0100
+@@ -766,7 +766,7 @@
+ x->preserve_security_context = false;
+ x->set_security_context = false;
+ #endif
+-
++ x->require_preserve_context = false;
+ x->require_preserve = false;
+ x->recursive = false;
+ x->sparse_mode = SPARSE_AUTO;
+@@ -844,6 +844,7 @@
+
+ case PRESERVE_CONTEXT:
+ x->preserve_security_context = on_off;
++ x->require_preserve_context = on_off;
+ break;
+
+ case PRESERVE_ALL:
+@@ -851,7 +834,10 @@
+ x->preserve_timestamps = on_off;
+ x->preserve_ownership = on_off;
+ x->preserve_links = on_off;
+- x->preserve_security_context = on_off;
++ if (selinux_enabled) {
++ x->preserve_security_context = on_off;
++ x->require_preserve_context = on_off;
++ }
+ break;
+
+ default:
+@@ -915,8 +916,9 @@
+ x.preserve_ownership = true;
+ x.preserve_mode = true;
+ x.preserve_timestamps = true;
+- x.preserve_security_context = true;
+- x.require_preserve = true;
++ if (selinux_enabled)
++ x.preserve_security_context = true;
++ x.require_preserve = true;
+ x.recursive = true;
+ break;
+
diff --git a/coreutils.spec b/coreutils.spec
index 10e001c..936da40 100644
--- a/coreutils.spec
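Review bot: In the first copy.c hunk of the added patch (the existing-destination branch after `open (dst_name, O_WRONLY | O_TRUNC | O_BINARY)`), both new `error (...)` calls sit inside `if (x->require_preserve_context)`, so when the flag is false (mv, and `cp -a` per the copy.h comment) a failed `getfscreatecon` or `fsetfilecon` is ignored without any message and the overwritten file can keep its previous SELinux label unnoticed. That contradicts the new copy.h comment, "Give diagnostics for failed syscalls regardless of this setting", and the later `setfscreatecon`/`lgetfilecon` hunks, which report before testing the flag; I would move each `error (0, errno, ...)` call above its `if (x->require_preserve_context)` and leave only `return_val = false; goto close_src_desc;` (with the `freecon(con)` where present) conditional. The rewritten guard `if (x->preserve_security_context && 0 <= dest_desc)` also drops `x->set_security_context`, so unless a path outside these hunks relabels an existing destination, a copy with an explicitly requested context would appear to leave the old label in place; that term should be confirmed as intentionally removed or restored. The enclosing function begins and ends outside the hunk.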
+++ b/coreutils.spec @@ -1,7 +1,7 @@ Summary: The GNU core utilities: a set of tools commonly used in shell scripts Name: coreutils Version: 6.9 -Release: 10%{?dist} +Release: 11%{?dist} License: GPLv2+ Group: System Environment/Base Url: http://www.gnu.org/software/coreutils/ @@ -46,6 +46,8 @@ Patch916: coreutils-getfacl-exit-code.patch #SELINUX Patch Patch950: coreutils-selinux.patch +#SELINUX Patch fix to allow cp -a rewrite file on different filesystem +Patch951: coreutils-6.9-requiresecuritycontext.patch BuildRequires: libselinux-devel >= 1.25.6-1 BuildRequires: libacl-devel @@ -111,6 +113,7 @@ the old GNU fileutils, sh-utils, and textutils packages. #SELinux %patch950 -p1 -b .selinux +%patch951 -p1 -b .require-preserve # Don't run basic-1 test, since it breaks when run in the background # (bug #102033). @@ -282,6 +285,10 @@ fi /sbin/runuser %changelog +* Tue Oct 30 2007 Ondrej Vasik - 6.9-11 +- allow cp -a to rewrite file on different filesystem(#219900) + (based on upstream patch) + * Mon Oct 29 2007 Ondrej Vasik - 6.9-10 - modified coreutils-i18n.patch because of sort -R in a non C locales(fix by Andreas Schwab) (#249315)